[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] Fwd: Xen-4.1.6.1 backport for XSA156
On 20.11.2015 16:59, Jan Beulich wrote: >>>> On 20.11.15 at 16:03, <stefan.bader@xxxxxxxxxxxxx> wrote: >> I am currently trying to backport the changes of XSA156 back to Xen-4.1.x >> and I >> am struggling with the VMX side. I did see the backports made for 4.2 and >> 3.4 on >> the security mailing list but I am not sure the 3.4 backport is not having >> the >> same issues (or similar ones). >> >> Trying to write down my understanding of the changes: For the 3.4 backport >> there >> are only changes to the toggles for debugging and the general trap mask. So >> if I >> understand this right, before the change, TRAP_debug and TRAP_int3 were only >> handled in vmexit when a debugger was attached to the domain. Now, only >> TRAP_int3 will be toggled and TRAP_debug is always handled. > > I've never looked at that 3.4 backport, but not changing the VMEXIT > handling certainly sounds wrong. I'll attach what I have done for 4.1. > Please report back any problems you encounter. If I am not missing any detail your 4.1 patch looks exactly the same as the version I ended up with (basically dropping some trace). Have you tested the resulting HV on an Intel/VMX box and tried to use ptrace inside the HVM guest? This is where my problems come from. Or potentially your vmx_inject_hw_exception has been modified since stable-4.1.6.1? -Stefan > > Jan > Attachment:
signature.asc _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |